422e84b16d
Updated API version in watchlists
2022-10-13 15:21:55 +05:30
a805390f66
Merge pull request #4643 from swiftsolves-msft/tcpudpports-nates
...
TCPandUDP Port Description Watchlist
2022-10-11 15:41:24 +05:30
c164cb7c18
Merge pull request #4627 from swiftsolves-msft/riskuserwatchlist-nates
...
Update-RiskyUserWatchlist
2022-08-03 14:40:25 +05:30
f24871a053
Update azuredeploy.json
...
added new do while loop to cover limit of 100 results returned from api, will now cycle through each 100 results until complete, added a back off cooling delay for api limits 30 calls in a minute.
2022-05-27 14:29:13 -04:00
9c4c79e80d
Adding deployment and migration tracker template
2022-05-26 19:52:29 -04:00
7ecb0a4e94
Update azuredeploy.json
...
switched out sentinel action - create watchlist for HTTP Action calling sentinel watchlist api instead, updated body PUT request to include json object properties: {}
2022-04-29 16:01:18 -04:00
0c45b3655c
TCPandUDP Port Description Watchlist
...
This watchlist is meant to create a table of offical and unoffical tcp and udp port information. This watchlist can be used to provide context to other network based logs that do not contain port description or application service information running on port.
2022-04-14 00:29:49 -04:00
9a52f7f541
Update-RiskyUserWatchlist
...
New Logic watchlist add/update - timer based this logic app weekly connects to Defender for Cloud App and pulls risky users, some user context information, threat score, and direct user url.
2022-04-13 00:41:42 -04:00
1d976b4e3c
Revert "Adding disabled flag"
...
This reverts commit 6a6b948532
2021-10-12 09:43:32 +03:00
6a6b948532
Adding disabled flag
2021-10-12 09:07:54 +03:00
c6b653d5ca
Update run.ps1
2021-07-12 15:57:33 -04:00
4253580873
fix doc link for validation
2021-07-02 16:52:18 +00:00
7ae7ff3d27
final fixes
2021-07-02 16:47:09 +00:00
de0288a9b2
bugs
2021-07-02 15:58:08 +00:00
b460013bb4
fix
2021-07-02 15:26:02 +00:00
3d943d5b17
fix zip
2021-07-02 15:16:14 +00:00
a3c43de90b
updates
2021-07-02 15:11:55 +00:00
2ba800ed02
change to use az command and rawcontent for update
2021-07-02 14:56:08 +00:00
550e9b30b3
Adjusting for timeout
2021-07-02 00:08:54 +00:00
47e58d07c1
update timeout
2021-07-01 18:26:26 +00:00
06da0dfa00
Set functionTimeout
2021-07-01 18:17:45 +00:00
34988fcdaa
Fix Get-Date
2021-07-01 18:04:11 +00:00
e94247ea0f
Prep for deploy
2021-07-01 17:53:04 +00:00
c4f5f20f11
Update run.ps1
2021-07-01 15:46:36 +00:00
b1bfadd3f5
Update run.ps1
2021-06-28 16:44:43 +00:00
dbbdc3dea9
v0.1
2021-06-26 19:15:00 +00:00
4a23af9be0
Updating Deploy buttons and links part 2
2021-06-16 01:40:49 +00:00
18e882367d
Modifying Watchlist templates.
2021-06-15 18:01:06 -04:00
aaccea31ef
Adding Watchlist template content.
2021-06-08 13:14:46 -04:00
1a2f9d32d0
Adding Watchlist template content.
2021-06-08 13:12:40 -04:00
30671cab98
Adding Watchlist template content.
2021-06-08 12:51:32 -04:00
40dbb5b1b5
Sample template to be used for reference.
2021-06-04 13:37:09 -04:00
60cdd794c6
Sample template to be used for reference.
2021-06-04 13:34:27 -04:00
2934f5210a
Fixing deploy button for template
2021-06-01 18:41:52 -04:00
bb5254c055
Fixed typos in the readme file
2021-05-24 15:03:10 -04:00
cb7e363a65
Adding Watchlist folder for ARM templates
2021-05-24 14:58:23 -04:00
v-rucdu
v-ntripathi
swiftsolves-msft
Matt Lowe
Yaron
Yaron Fruchtmann
Rod Trent
dicolanl